General
Static task
static1
URLScan task
urlscan1
Malware Config
Targets
-
-
Target
https://www.mediafire.com/file/5orua7r1ypkun80/CE_Patch_Fix.lua/file
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies file permissions
-
Checks for any installed AV software in registry
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Create or Modify System Process
1Windows Service
1Pre-OS Boot
1Bootkit
1Defense Evasion
Impair Defenses
1File and Directory Permissions Modification
1Pre-OS Boot
1Bootkit
1